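How to set up permissions for a ThinkPHP project team
1. Understanding ThinkPHP permission settings
Permission setting means assigning operation permissions according to a user's scope of authority, so that the user can perform the corresponding operations. In the ThinkPHP framework, permissions can be implemented with RBAC (Role-Based Access Control). RBAC is an access control model that assigns permissions to roles rather than to users, and grants users access by assigning them roles. RBAC has the following characteristics:
Permissions are granted to roles, and roles are then assigned to users, which simplifies management;
A user only needs to hold a role to have all the permissions that role holds;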
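The system is easy to extend and maintain, with good scalability;
Permissions are separated from business logic, which significantly improves code reuse and access security.
2. RBAC-based permission setup steps
Step 1 Create the permission table
Create a permission table in the database with the fields id, name, title and status;
the id and name fields are the primary key and the permission identifier, respectively;
the title field is the permission name;
the status field is the permission state: 1 means enabled, 0 means disabled.
Step 2 Create the role table
Create a role table in the database with the fields id, name, title and status;
the id and name fields are the primary key and the role identifier, respectively;
the title field is the role name;
the status field is the role state: 1 means enabled, 0 means disabled.
Step 3 Create the user table
Create a user table in the database with the fields id, username, password and status;
the id field is the primary key;
username is the user name;
password is the password;
status indicates the user state: 1 means enabled, 0 means disabled.
Step 4 Create the user-role association table
Create a user-role association table in the database with the fields user_id and role_id;
user_id is the user identifier;
role_id is the role identifier.
Step 5 Create the role-permission association table
Create a role-permission association table in the database with the fields role_id and rule_id;
role_id is the role identifier;
rule_id is the permission identifier.
Step 6 Implement permission control
In a ThinkPHP project, permission control is implemented as follows:
Define a common controller, CommonController, in the project; this controller can enforce permission control for all users;
Create an Auth class that performs the permission check;
Perform the permission check in the CommonController class, as shown below: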
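    // Methods of CommonController (which extends the ThinkPHP Controller class).

    // Runs before every action of each controller that extends CommonController.
    public function _initialize()
    {
        if (!$this->authcheck()) {
            // Deny: stop the request when the check fails (message text is an assumption).
            $this->error('Permission denied');
        }
    }

    // True only if the logged-in user may call the current module/controller/action.
    public function authcheck()
    {
        $auth = new Auth;
        return (bool) $auth->check(MODULE_NAME.'/'.CONTROLLER_NAME.'/'.ACTION_NAME, session('uid'));
    }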
ÔÚAuthÀàÖУ¬ÊµÏÖÁËȨÏÞÑéÖ¤µÄÂß¼£¬ÈçÏÂËùʾ£º
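    class Auth
    {
        // Check whether user $uid holds the permission named $name.
        public function check($name, $uid)
        {
            // Fail closed when there is no valid logged-in user id.
            $uid = (int) $uid;
            if ($uid <= 0) {
                return false;
            }
            // Super administrators pass without a rule lookup.
            if (in_array($uid, (array) C('AUTH_SUPER_ADMIN'))) {
                return true;
            }
            // Array conditions let the framework quote values instead of concatenating them into SQL.
            $infos = M('user')->field('role_id')->where(array('id' => $uid))->find();
            if (empty($infos['role_id'])) {
                return false;
            }
            $rules = M('access')->where(array('role_id' => (int) $infos['role_id']))->select();
            $rule_ids = array();
            foreach ($rules ?: array() as $v) {
                $rule_ids[] = (int) $v['rule_id'];
            }
            // A role with no rules grants nothing.
            if (empty($rule_ids)) {
                return false;
            }
            $rules = M('rule')->where(array('id' => array('in', $rule_ids)))->select();
            $urls = array();
            foreach ($rules ?: array() as $r) {
                $urls[] = $r['name'];
            }
            return in_array($name, $urls, true);
        }
    }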
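The code above adds a permission check to every operation a user requests. When the user requests an operation that is under permission control, the validator first checks whether the user has super administrator privileges. If the user is a super administrator, the check passes immediately; if not, it looks up the user's role ID (queried from the user table), then the list of permission IDs held by that role (queried from the association table), and then the list of permission names for those IDs. If the requested operation name is in the list of permission names, verification passes; otherwise, permission verification fails.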
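Added example (not part of the original article and not ThinkPHP's own code): a stand-alone PHP script that builds the five tables from Steps 1 to 5 in an in-memory SQLite database and resolves a permission through both association tables with bound parameters, honoring every status flag. The table names role and user_role, the function can_access() and all sample rows are assumptions; rule and access follow the table names used in the Auth class above.

```php
<?php
// Added example. Assumptions: table names `role` and `user_role`, the
// function can_access(), and every sample row (constructed for illustration).
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec("
    CREATE TABLE rule (id INTEGER PRIMARY KEY, name TEXT UNIQUE, title TEXT, status INTEGER);
    CREATE TABLE role (id INTEGER PRIMARY KEY, name TEXT UNIQUE, title TEXT, status INTEGER);
    CREATE TABLE user (id INTEGER PRIMARY KEY, username TEXT, password TEXT, status INTEGER);
    CREATE TABLE user_role (user_id INTEGER, role_id INTEGER, PRIMARY KEY (user_id, role_id));
    CREATE TABLE access (role_id INTEGER, rule_id INTEGER, PRIMARY KEY (role_id, rule_id));
    INSERT INTO rule VALUES (1, 'Admin/Article/index', 'List articles', 1),
                            (2, 'Admin/Article/delete', 'Delete article', 1),
                            (3, 'Admin/User/index', 'List users', 0);
    INSERT INTO role VALUES (1, 'editor', 'Editor', 1), (2, 'auditor', 'Auditor', 0);
    INSERT INTO user VALUES (10, 'alice', 'hash-placeholder', 1), (11, 'bob', 'hash-placeholder', 0);
    INSERT INTO user_role VALUES (10, 1), (10, 2), (11, 1);
    INSERT INTO access VALUES (1, 1), (1, 3), (2, 2);
");

// Allow only when user, role and rule are all enabled (status = 1) and linked
// through both association tables; everything else is denied.
function can_access(PDO $db, $uid, string $name): bool
{
    if (!is_int($uid) && !ctype_digit((string) $uid)) {
        return false; // missing or malformed session uid never reaches SQL
    }
    $stmt = $db->prepare(
        'SELECT 1 FROM user u
           JOIN user_role ur ON ur.user_id = u.id
           JOIN role r ON r.id = ur.role_id AND r.status = 1
           JOIN access a ON a.role_id = r.id
           JOIN rule p ON p.id = a.rule_id AND p.status = 1
          WHERE u.id = :uid AND u.status = 1 AND p.name = :name
          LIMIT 1'
    );
    $stmt->execute([':uid' => (int) $uid, ':name' => $name]);
    return $stmt->fetchColumn() !== false;
}

foreach ([
    [10, 'Admin/Article/index'],    // enabled user, enabled role, enabled rule
    [10, 'Admin/Article/delete'],   // rule reachable only through the disabled role
    [10, 'Admin/User/index'],       // rule itself is disabled
    [11, 'Admin/Article/index'],    // user account is disabled
    [null, 'Admin/Article/index'],  // no session uid
] as [$uid, $name]) {
    printf("%-4s %-21s %s\n", var_export($uid, true), $name, can_access($db, $uid, $name) ? 'allow' : 'deny');
}
```

Unlike the Auth class above, this query reads roles from the user-role association table of Step 4, so a user can hold several roles, and a disabled user, role or rule never grants access.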